Cassandra

From Objectif Client Inc

Revision as of 19:45, 11 October 2020 by Nicolas (talk | contribs) (→‎Key space managmenet)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Cassandra

nodetool status

bin/cqlsh localhost
SELECT cluster_name, listen_address FROM system.local;

Intial Seciruty

Update /etc/cassandra/yaml to add password authentification

Old value:
authenticator: AllowAllAuthenticator

Change with this new value:
authenticator: PasswordAuthenticator

Test new configuration

cqlsh -u cassandra -p cassandra

Change default cassandra password

ALTER USER cassandra WITH PASSWORD 'newPassword';

Create a backup Admin

create role myadmin with password = 'myAdminPassword' and login = true and superuser = true;

Key space managmenet

List all keyspaces

SELECT * FROM system_schema.keyspaces;

Create a keyspace

create KEYSPACE mmyKeyspace WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1': 3};

Create a role that has all permissions in all keyspaces:

CREATE ROLE keyspace_admin;
GRANT ALL PERMISSIONS ON ALL KEYSPACES TO keyspace_admin;
GRANT keyspace_admin to martin;

Create an administrator role for a single keyspace:

CREATE ROLE cycling_admin;
GRANT ALL PERMISSIONS ON KEYSPACE cycling to cycling_admin;
GRANT cycling_admin TO sandy;

Create a role that can only make data changes, INSERT, UPDATE, DELETE, and TRUNCATE for any table in the keyspace cycling:

GRANT MODIFY ON KEYSPACE cycling TO team_manager;
GRANT team_manager to sandy;

Create a role that can only select data and use functions in the cycling keyspace:

CREATE ROLE cyclist_analyst;
GRANT SELECT ON KEYSPACE cycling TO cyclist_analyst;
GRANT EXECUTE ON ALL FUNCTIONS IN KEYSPACE cycling to cyclist_analyst;
GRANT cyclist_analyst TO wilson;

Retrieved from "http://wiki.objclt.ca/wiki/index.php?title=Cassandra&oldid=1153"